Red Hat Enterprise Linux NSS Cryptographic Module version 6.0 FIPS 140-2 Non-Proprietary Security Policy Document Version 1.2 Last Update: 2019-05-10 Red Hat Enterprise Linux NSS Cryptographic Module FIPS 140-2 Non-Proprietary Security Policy Table of Contents 1. Cryptographic Module Specification...................................................................................................................3 1.1. Description of the Module........................................................................................................................... 3 1.2. Description of the Approved Modes............................................................................................................4 1.3. Cryptographic Boundary............................................................................................................................. 6 1.3.1. Hardware Block Diagram....................................................................................................................7 1.3.2. Software Block Diagram.....................................................................................................................8 2. Cryptographic Module Ports and Interfaces........................................................................................................9 2.1. PKCS #11................................................................................................................................................... 9 2.2. Inhibition of Data Output............................................................................................................................. 9 2.3. Disconnecting the Output Data Path from the Key Processes..................................................................10 3. Roles, Services and Authentication...................................................................................................................11 3.1. Roles......................................................................................................................................................... 11 3.2. Role Assumption....................................................................................................................................... 11 3.3. Strength of Authentication Mechanism......................................................................................................11 3.4. Multiple Concurrent Operators..................................................................................................................12 3.5. Services.................................................................................................................................................... 12 3.5.1. Calling Convention of API Functions.................................................................................................12 3.5.2. API Functions.................................................................................................................................... 12 4. Physical Security.............................................................................................................................................. 21 5. Operational Environment.................................................................................................................................. 22 5.1 Applicability................................................................................................................................................ 22 5.2 Policy......................................................................................................................................................... 22 6. Cryptographic Key Management......................................................................................................................23 6.1. Random Number Generation....................................................................................................................24 6.2. Key/CSP Storage...................................................................................................................................... 25 6.3. Key/CSP Zeroization................................................................................................................................. 25 7. Electromagnetic Interference/Electromagnetic Compatibility (EMI/EMC).........................................................26 7.1 Statement of compliance...........................................................................................................................26 8. Self-Tests.......................................................................................................................................................... 27 8.1. Power-Up Tests........................................................................................................................................ 27 8.2. Conditional Tests...................................................................................................................................... 27 9. Guidance.......................................................................................................................................................... 29 9.1. Crypto Officer Guidance...........................................................................................................................29 9.1.1. Access to Audit Data.........................................................................................................................29 9.2. User Guidance.......................................................................................................................................... 30 9.2.1. TLS Operations................................................................................................................................. 31 9.2.2. RSA and DSA Keys.......................................................................................................................... 31 9.2.3. Triple-DES Keys...............................................................................................................................31 9.3. Handling Self-Test Errors..........................................................................................................................31 10. Mitigation of Other Attacks..............................................................................................................................32 11. Glossary and Abbreviations............................................................................................................................33 12. References..................................................................................................................................................... 34 © 2019 Red Hat/atsec information security. This document can be reproduced and distributed only whole and intact, including this copyright notice. 2 of 34 Red Hat Enterprise Linux NSS Cryptographic Module FIPS 140-2 Non-Proprietary Security Policy 1. Cryptographic Module Specification This document is the non-proprietary security policy for the Red Hat Enterprise Linux NSS Cryptographic Module, and was prepared as part of the requirements for conformance to Federal Information Processing Standard (FIPS) 140-2, Security Level 1. 1.1. Description of the Module The Red Hat Enterprise Linux NSS Cryptographic Module version 6.0 (hereafter referred to as the “Module”) is a software library supporting FIPS 140-2 approved cryptographic algorithms. For the purposes of the FIPS 140-2 validation, its embodiment type is defined as multi-chip standalone. The Module is an open-source, general-purpose cryptographic library, with an API based on the industry standard PKCS #11 version 2.20. It combines a vertical stack of Linux components intended to limit the external interface each separate component may provide. The Module is FIPS 140-2 validated at overall Security Level 1 with levels for individual sections shown in the table below: Security Component FIPS 140-2 Security Level Cryptographic Module Specification 1 Cryptographic Module Ports and Interfaces 1 Roles, Services and Authentication 2 Finite State Model 1 Physical Security N/A Operational Environment 1 Cryptographic Key Management 1 EMI/EMC 1 Self-Tests 1 Design Assurance 2 Mitigation of Other Attacks 1 Table 1: Security Level of the Module The Red Hat Enterprise Linux NSS Cryptographic Module has been tested on the following platforms: Hardware Processor Operating System Tested Platform With Without AES-NI AES-NI Dell PowerEdge Intel® Xeon® CPU E5- Red Hat Enterprise Linux 7 Yes Yes R630 2640 Table 2: Tested Platforms © 2019 Red Hat/atsec information security. This document can be reproduced and distributed only whole and intact, including this copyright notice. 3 of 34 Red Hat Enterprise Linux NSS Cryptographic Module FIPS 140-2 Non-Proprietary Security Policy 1.2. Description of the Approved Modes The Module supports two modes of operation: FIPS Approved mode and non-Approved mode. When the Module is powered on, the power-up self-tests are executed automatically without any operator intervention. If the power-up self-tests complete successfully, the Module will be in FIPS Approved mode. The table below lists the Approved algorithms in FIPS Approved mode: Usage Approved Algorithm Keys/CSPs CAVS Certificate Encryption and AES encryption and AES 128, 192 and 256 bits Certs. #5600, #5601, decryption decryption with ECB, CBC keys #5602, #5603 and CTR modes Three-key Triple-DES Three-key Triple-DES 168 Certs. #2816, #2817